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ORE REVISITED: AN ALGORITHMIC INVESTIGATION OF THE 
SIMPLE COMMUTATOR PROMISE PROBLEM 

by 

James Ulrich 
Advisor: Professor Michael Anshel. 

Motivated by a desire to test the security of the pubic key exchange pro- 
tocol of I. Anshel, M. Anshel, and D. Goldfeld, ('An Algebraic Method for 
Public-Key Cryptography", Mathematical Research Letters, vol. 6, pp. 1-5, 
1999), we study algorithmic approaches to the simple commutator decision 
and promise problems (SCDP/SCPP) for the braid groups B n . We take as 
our point of departure a seminal paper of O. Ore, ("Some Remarks on Com- 
mutators" , Proceedings of the American Mathematical Society, Vol. 2, No. 2, 
pp. 307-314, 1951), which studies the SCPP for the symmetric groups. 

Our results build on the work of H. Cejtin and I. Rivin, ('A Property of 
Alternating Groups", arXiv:math.GR/0303036). We extract, from their proof 
that any element of the alternating subgroup of S n can be written as a product 
of two n-cycles, an explicit algorithm for solving the SCPP for S n . We define 
a model of computation with respect to which the algorithm executes in time 
0(n 2 ). 

We then extend the algorithm to a subset of permutation braids of the braid 
groups B n , to show that any element of the commutator subgroup [B n , B n ] 
may be efficiently written as the product of a pure braid and a simple com- 
mutator of permutation braids. We use this result to define a probabilis- 
tic approach to the SCDP/SCPP, posing for future research the question of 
whether such an algorithm may be made efficient with respect to a measure 
of complexity such as that defined in a work of I. Kapovich, A. Myasnikov, P. 
Schupp, V. Shpilrain ('Average- Case Complexity and Decision Problems in 
Group Theory", Advances in Math. vol. 190, pp. 343-359, 2005). 
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1. Introduction: Ore's commutator problem. 

In the August 2004 issue of the Notices of the American Mathematical Society pE], 
Michael Aschbacher reported on the state of the Gorenstein, Lyons, and Solomon 
program, begun in the 1980s, to establish a formal, cohesively written proof of the 
classification theorem for simple finite groups. The theorem states that all finite 
simple groups fall into one of the following classes: groups of prime order, alternating 
groups, groups of Lie type (that is, having a representation involving automorphisms 
of a vector space over a finite field), or one of 26 "sporadic" groups (that is, exceptions 
to the preceding). The classification theorem is central to the study of finite groups 
G, since the simple factors of a composition series for G, in Aschenbacher's words, 
"exert a lot of control over the gross structure of G." (Recall that a composition 
series for G is a sequence of normal subgroups 1 = G < G\ < • • • < G n — G, where 
each Gi is simple - that is, contains no normal proper subgroups). 

Accordingly, a conjecture given by Oystein Ore in his seminal 1951 paper "Some 
remarks on commutators" [31] has been of interest to researchers concerned with the 
classification problem. In that paper, Ore studies the symmetric group S n (which we 
recall is the group of permutations of a set of n elements), and its alternating and 
derived subgroups. (Recall that the alternating subgroup A n C S n is the subgroup of 
permutations that can be written as products of an even number of transpositions - 
that is, swaps - of adjacent elements. Recall also that the derived group or commutator 
subgroup S' n C S n is the group generated by the simple commutators of S n , which 
are elements of the form [x,y] := xyx~ 1 y~ 1 , for x,y in S n ). In general, elements of 
the commutator subgroup of a given group are not themselves simple commutators 
(see [9], [22]). Ore conjectures in the paper that every element of a simple group G 
of finite order is in fact a simple commutator of elements of G. A key result of his 
paper is: 

Proposition 1.0.1 (Ore, [31J, theorem 7)). For n > 5, every element of the alter- 
nating group A n is a simple commutator of elements of A n . 

The authors Ellers and Gordeev, in "On the Conjectures of J. Thompson and O. 
Ore" [12], note that a stronger conjecture is attributed to R. C. Thompson: every 
finite simple group G contains a conjugacy class C such that C 2 = G, which implies 
Ore's conjecture. (An explanation of why Thompson's conjecture implies Ore's is given 
in [3]). The authors describe many examples of groups for which the Thompson con- 
jecture is known to be true, including the projective special linear group PSL n (K) 
for K a finite field, and show that the conjecture holds for all groups of Lie type over 
finite fields containing more than 8 elements. 

The work of Cejtin and Rivin [11] is of particular interest to us, as it asserts the 
following: 

Proposition 1.0.2 (Cejtin and Rivin, [H]). There is an efficient algorithm to write 
every element a of A n product of two n-cycles. 

From this, the authors show that there is an efficient algorithm to solve the simple 
commutator promise problem (SCPP) for S n . In general, given an arbitrary group G, 
and g G G guaranteed to be a simple commutator, the SCPP for G asks for explicit 
x,y G G such that g = [x, y}. 
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We will be concerned here with the symmetric groups S n and also with the braid 
groups B n , defined below. The braid groups play a central role in knot theory and 
the topology of 3 and 4-dimensional manifolds [2] [6] [26] [31] [19] |30j. They also 
play a significant role in the public key exhange protocol of Anshel, Anshel, and 
Goldfeld pQ. Hence finding an efficient method of solving the SCPP for B n is an area 
of active research, as is finding efficient methods for solving the related conjugacy 
search problem: given elements u,w G B n , find x G B n such that u = xwx~ l . 

In what follows below, we will examine the SCPP for the symmetric groups S n 
and the braid groups B n . Where the braid groups are concerned, we will restrict 
the problem to those elements w of a braid group B n that are simple commutators 
w = [x, y] of permutation braids x, y, where a permutation braid is a positive braid 
such that no two strands cross twice. Any element of a braid group B n is a product 
of permutation braids and their inverses, and for a given B n , there is a bijective map 
between the set of permutation braids of B n and S n . We will examine ways in which 
the Cejtin-Rivin algorithm can be used to address the SCPP for B n , restricted to 
simple commutators of permutation braids. 

To make the discussion of computational complexity somewhat more rigorous, we 
will first define our model of a classical Turing machine, along with our versions of 
the notions of alphabets, words, and languages, in order to map between algorithms 
expressed in terms of Turing machines and those expressed through algebraic and 
symbolic operations (i.e. "psuedo-code"). This will allow us to define our notions 
of computational complexity. We will then describe the Cejtin-Rivin algorithm for 
the simple commutator promise problem for S n , and discuss its complexity. We 
will present an explicit program, in terms of algebraic and symbolic operations, to 
implement the algorithm. Following this, we will provide definitions of the relevant 
concepts of braid groups. We will explore the extension of the Cejtin-Rivin algorithm 
to simple commutators of elements of permutation braids. Finally, we will describe 
possible avenues for future research. 
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2. Classical Turing machines and computational complexity 

In this section we describe the classical Turing machine, a model of computing that 
will allow us to discuss algorithmic complexity. 

2.1. Classical Turing machines 

In order to speak about the complexity of computational problems, we need to have 
some sort of computer in mind. So we define the notion of a Turing machine, which 
is a simple but powerful model of a computer, generally attributed to Alan Turing 
(1912-1954). We use the formulation given by |27j . 

Definition 2.1.1. For our purposes, an alphabet S will denote a subset of the set 
whose elements are the upper and lower-case letters of the English alphabet, the 
digits through 9, the symbols U and >, and the standard English punctuation 
symbols. A language L is then a subset of £*, the set of all finite strings of sym- 
bols from S. So, for example, if £ = {0,1} then we might have L C S*,L = 
{0, 10, 100, 110, 1000, 1010, • • ■ }, the set of all even numbers, expressed in binary form. 

Definition 2.1.2. A classical, single-tape, deterministic Turing machine (CDTM) 
consists of: 

(i) a quintuple (K, S, 5, s, H) where K is a finite set of states; £ is an alphabet 
containing the blank symbol U and the left end symbol >; Sj G K is the initial state; 
Sf G K is the halting state; 5 is the transition function from Kx"E to K x (£u{«— , — ►}) 
such that for all q G K, if 8(q, >) = (p, b) then b =—>■ and such that for all q G K and 
a G E, if S(q, a) = (p, b) then b ^ >. 

(ii) a unidirectionally infinite (to the right) tape consisting of squares, each containing 
one symbol from E, a finite number of which are not the blank symbol. The input 
w G X* consists of symbols from E — {>, U}, and follows the > at the left end of the 
tape; the first blank symbol denotes the end of input. 

(iii) a tape head that can read from and write to the tape, and move left and right 
along the tape. 

It is held that what can be computed on any given existing (classical) computer 
may also be computed on this version of a Turing machine; this assertion is known 
as the Church-Turing thesis (see [2H] p. 125). The machine works as follows. The 
machine starts in the initial state Sj, with the tape head positioned over the square 
immediately to the right of the left end symbol. The tape reads the symbol b at that 
square. The transition function 8(si, b) then yields a tuplet (k, b'). If b' —— >, the tape 
head moves right one square; if b 1 =«— , the tape head moves left one square (if not 
already at the left end of the tape); otherwise, the tape head replaces the symbol 
in the current square with b'. The machine then enters the state k. If k = Sf, the 
machine halts, and the contents of the tape at that time is said to be the output of 
the machine. 

Example 2.1.3 (addition of two n digit binary numbers). Let S be the alphabet {0, 1} 
and let L be the set of all pairs of symbols from E; that is, L = {(0, 0), (0, 1), (1, 0), (1, 1)}. 
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Then here is a description of the Turing Machine that accepts a pair from L, and 
adds the two elements of the pair together, outputting the result. We assume that 
the input w consists of the sequence ab where a is the first element of the pair, and b 
the second element. For convenience, we assume that the machine output will begin 
on the third square of the tape. 

Turing Machine to add two 1- digit binary numbers: 
input: Two binary digits in successive tape squares. 
states: K = {s h s f , s c , s nc , s ob , s lb } 
transition function 5: 

d(s h 1) = (s c , ->) d(s c , 1) = (si,->) d(si,l_l) = (si,l) 

d(s u 1) = (s , ->) d(s , U) = (s f , 0) d(s h 1) = (s c , ->) 

d(s c , 0) = (s lb , ->) d(si 6 , U) = (s /? 1) d(si, 0) = (s nc , ->) 

d(s nc , 1) = (s lb , ->) d(si, 0) = (s nc , ->) d(s nc , 0) = (s 6, ->) 
o?(s 6,U) = ( S/ ,0) 



The machine examines the contents of the first square; if the content is a 1, it enters 
the state s c ; otherwise it enters the state s nc . It then advances to the next square. 
If the state is s c and the content of the second square is 1, it advances to the next 
square, outputs 10, and terminates. Otherwise if the state is s c and the contents of 
the second square is 0, it advances one square, outputs 1, and terminates. It behaves 
in similar fashion for the case in which the content of the first square is a 0. 

More generally, one can describe a single-tape Turing machine that adds two n- 
digit (binary) numbers, in part as follows: 

Turing Machine to add two n-digit binary numbers: 

input: Two n-digit binary numbers a and b, each terminated by a blank, 
and printed on the input tape left to write (least significant digit of each number on 
the left). 

states: K = s i: a 1: b 1: c 1: c lc , r, r c , n c , ■ ■ ■ 
transition function 5: 

state/transitions for the for the case in which we have no carry, and both the current 
digit of a and the current digit of b are 1: 

d(n, 1) = (X, ai) d(si, 1) = (X, ai) d(ai, X) — (— >, a\) 

d(ai, !U) = (->, a x ) d(oi, U) = (->, 6i) d{b u Y) = (->, h) 

d(b u 1) = (Y, c lc ) d(ci c , !U) = (->, c lc ) d(c lc , U) = (1, r c ) 

d(r c , !X) = (^ 1, r c ) d(r c , X) = (-> 1, n c ) 

Here IS" denotes "any symbol other than S." The machine starts with the tape head 
at the leftmost digit of a, and reads the digit. If the digit is 1, it enters the state ai 
(to record that it read a 1 from a), marks the square with an X, and moves the tape 
head to the right. If it encounters any symbol other than a blank, it remains in state 
ai, and continues to move to the right. Otherwise, it enters the state b\ (to record 
that it is now processing digits of b, having read a 1 from a), and moves the tape 
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head to the right. It continues to move to the right until it stops at the next digit 
of b to be processed (this will be the first non-y digit). If that digit is 1, it marks 
the square with a Y, enters the state c\ c , (to record that it should output a 1, and 
that a carry occurred) (, and moves the tapehead to the next output square. There it 
records a 1, and enters the state r c (to record that a carry has occurred, and that it 
must now reverse to the left to find the next digit of a to process). The sets of states 
corresponding to the other scenarios (current digit of a is 0, current digit of b is 1, 
carry or no carry), as well as end of input logic, follow similarly. 

2.2. Concering Computational Complexity 

An inspection of the example of the Turing machine given for adding two 1 digit 
numbers reveals that it will require at most 5 invocations of the transition function 
5. The more general machine that adds two n-digit binary numbers needs to invoke 
the transition function on the order of In times, for each pair of digits it processes 
(one from each number to be added). This is because the single tape head must move 
back and forth across the numbers as it adds them. It follows that the single tape, 
classical, determinstic Turing machine M described above will add two n-digit binary 
integers in a number of invocations Cn 2 + B of the transition function 5 of M, for 
constants C and B. 

In general, given a Turing machine M designed to compute some problem, one asks 
for an upper bound /(/) on the number of required invocations of the 5 function 
of M, terms of the length I of the input. Such an upper bound provides a rough 
measure of the time complexity of the problem. Hence, we would say that there is 
a quadratic-time algorithm to compute the addition of two binary integers, or that 
addition of integers is "quadratic time," with respect to the Turing machine described 
above. (We equate one invocation of the transition function with one "clock tick.") 

Definition 2.2.1 (order of complexity). One says that an algorithm executes in time 
0(f(l)), where / is a given function of the length I of the input, if there exists some 
Turing machine M, such that there exist constants c and 1$ such that, for all values of I 
greater than l , the number iV of invocations of the transitition function of M required 
by the algorithm satisifes N < cf(l). If there exists a polynomial function /(/) for 
which this is true, we say the algorithm executes in "polynomial time", and we say 
that it is a member of the (time) complexity class P of polynomial-time algorithms. 
Such algorithms are considered "tractable" - that is, amenable to computation. By 
contrast, problems having greater than polynomial-time complexity are considered 
"intractable" . 

Definition 2.2.2 (complexity in terms of higher-level programming languages). In 
the following, we will consider an algorithm for the SCPP for S n , given by Cejtin 
and Rivin in [llj . to which the authors have assigned the time complexity 0(n). As 
explained in pp. 135-142, we will adopt the hypothesis that if we can specify 
an algorithm in a high-level programming language such as C, C++, or Java, or 
in a pseudo-code equivalent (defined below), then there is a multi-tape, classical, 
deterministic Turing machine, following that given in [TO] , such that it can act as an 
"interpreter" for the algorithm. That is, the machine M can accept the pseudo-code 
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algorithm A and a given input I to the algorithm, and apply the algorithm A to the 
input I. We further suppose that it can do so in a way such that, for each execution 
of a pseudo-code statement, the machine M invokes its transition function once and 
only once. Then we say that the algorithm is 0(f(n)) if, for any algorithm input I 
of length n, the machine will complete processing in 0(f(n)) transition invocations. 
We will say that A is efficient if the corresponding number of transition invocations 
f(n) is a polynomial in n. 
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3. The simple commutator decision problem for S n . 

In this section we describe the Cejtin-Rivin algorithm for the simple commutator 
promise problem for the symmetric groups S n , provide an implementation of the 
algorithm in pseudo-code, and discuss its complexity. 

3.1. Preliminaries concerning S n 

Remark 3.1.1 (a definition of S n ). Recall again some basic facts concerning the sym- 
metric group S n , which is is the group of permutations of the set {1, 2, • • • , n}. That 
is, a permutation a G S n is a 1 — 1 map from the set {1,2, ■ ■ ■ ,n} to itself. One 
may imagine the elements being the points {(0, 1), (0, 2), • • • , (0, n)} G M?, with point 
(0, i) initially labelled by the label Z( ,*) — i- A permutation a is then specified by a 
re-assignment of the labels associated to the points: L ^ — > a((0,i)). For example, 
consider the element a <E S 3 given by (/(o,i) = 1, I (0,2) = 2, /( 3 ) = 3) — > (l(o,i) = 
2,/(o,2) = l)^(o,3) = 3). This is the element that interchanges the labels associated to 
the points (0,1) and (0,2). 

The permutations form a group under composition, the group being generated by 
the standard generators Tj, where Tj denotes the interchange of the labels associated 
to the elements in the (0, 1) and (0, i + l)-th positions. (From now on, we will denote 
the element (0, 1) simply by the integer i, and speak of "permuting elements % and 
j," though we really mean to permute the labels associated to (0,i) and (0, j). So in 
our above example, we would write that <r(l) = 2,<r(2) = 1, and <x(3) = 3.) When 
mutiplying permutations, we read from right to left, hence (1, 2) o (2, 3) means "first 
exchange the elements 2 and 3, then exchange the elements 1 and 2." 

Remark 3.1.2 (alternating subgroup A n of S n ). The alternating subg roup A n of S n is 
the group of permutations that may be expressed as a product of an even number of 
adjacent transpositions. Such permutations are called even. 

Remark 3.1.3 (cyclic decomposition of elements of S n ) . One may record a permutation 
G S n in terms of its cyclic decomposition, a cycle being a circular sequence i — > 
j — > k % of elements exchanged by the permutation. One typically elides the 

1-cycles. So, for example, the permutation a G S5 taking the elements 1,2,3,4,5 to 
3,4, 1,2, 5 could be written a = (13)(24)(5) = (13)(24). The order in which the cycles 
appear does not change the corresponding permutation, nor do cylic permutations of 
the sequence in which the integers of any given cycle appear. (So (13) (24) and (42) (31) 
denote the same permutation). 

Remark 3.1.4 (order of a cycle). The number of elements appearing in a cycle is 
known as the order of the cycle; a specification of the number of cycles of each order 
appearing in a, counted by multiplicity, gives the type of the cyclic decomposition of 
of a . So, in our example, a consists of two 2-cycles (and implicitly, a single 1-cyle). 
A permutation ir will be conjugate to a given permutation a if and only if it and a 
are of same cyclic decomposition type. An element of A n will consist of cycles of odd 
order, and an even number of cycles of even order. 

Remark 3.1.5 (standard representation of S n ). Finally, we obtain a faithful linear 
representation p of E as the matrix group generated by the images of the standard 
generators Tj under p, where p(Tj) is the n x n matrix given by interchanging the i 
and i + 1-th columns of the indentity matrix of GL(n, M). 



8 



The information in these remarks may be found in [32] and [31j . 
3.2. The Cejtin-Rivin algorithm for the SCPP for S n 

The paper "A Property of Alternating Groups," co-authored by Henry Cejtin and 
Igor Rivin ([H]) shows [theorem 1, page 1] that there is an efficient algorithm to write 
any even permutation a in S n as a product of two n-cycles p\ and p 2 ; that is, a = p\p 2 . 
Since piand p 2 are both n-cycles, it follows from remark [3. 1 .41 that p 2 = vp\v~ x for 
some v G S n . Moreover, if p 1 is an n-cycle, then so is p± : if p 1 = (iii 2 ■ ■ ■ i n -iin), then 
Pi 1 — (i n i n -i ■ ■ ■ hh)- Hence, p 2 and p^ 1 are both n-cycles, too. Thus p 2 = t~p\ x t~ x 
for some r G S n . So we have a = [pi, r], for some r G S n . 

Moreover, we can readily identify such a r, since if p^ 1 = {i\% 2 • • • i n -i) and 
Vi — (jij2 • • • jn), then t is the unique permutation such that r(ix) = Ji,t(^2) = 
J2, • ■ ■ , r(i n ) = jn (see [32], p. 3). 

We provide a brief summary of the (constructive) proof of the theorem as given in 
the paper. We will then provide a detailed implementation of a functional equivalent 
of the algorithm constructed in the proof; we will express the algorithm in pseudo- 
code, as defined below. A complexity analysis of the implementation will then yield 
a concrete verification that the algorithm posited by the theorem is indeed efficient, 
providing an efficient solution for the SCPP for S n . 

Note: the authors place the algorithm in the complexity class 0(ri), but do not 
specify a model of computation. Moreover, the algorithm is not given explicitly as 
psuedo-code, but implicitly, in the course of proving constructively, by induction, the 
existence of a method for writing any element a G A n C S n as a product of two 
n-cycles. 

We show below that, using the definition (12.2.21) . our pseudo-code implementation 
will have complexity 0(n 2 ), for input a word w in the standard generators of S n , 
having fixed length k, for variable n, and that it will execute in time O(k), for fixed 
n and variable k . 

3.2.1. Review of Cejtin-Rivin proof. Now, in the paper, the authors first show (lemma 
3, p. 2), that given a permutation p in S n , such that: 

1) it is the product of two permutations Si and s 2 

2) Si acts non-trivially only on 1, • • • ,t, and s 2 acts non-trivially only on t + 1, • • • , t + s 
where n = t + s 

3) si = P11P12 where pn and pi 2 are t-cycles 

4) s 2 = p 2 \p 22 where p 2 \ and p 22 are s-cycles 

then p = Sis 2 = (pnp 2 iv)(vpi 2 p 22 ) is a product of two (s + t)-cycles, where v = 
(t,t + s). 

The authors next prove: 
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Lemma 4: if n is odd, then any n-cycle a is a product of two n-cycles p\ and p 2 . 

Lemma 5: if n = 4m, and a G S n is a product of two disjoint 2m-cycles, then a 
is a product of two n-cycles p\ and p 2 . 

Lemma 6: if n = 2s + 2t, where s < t, and if a G ^ is a product of a 2s-cycle 
and a 2t-cycle, such that the cycles are disjoint, then a is a product of two n-cycles 
Pi and p 2 . 

The proofs of lemmas 4, 5, 6 each provide explicit cyclic decompositions of the n- 
cycles pi and p 2 . 

In the proof of the theorem itself, it is first noted that the theorem holds for n = 1. 
The proof proceeds by induction. Given an element a G A n+ \, the alternating group 
of S n+ i, if the element consists of exactly one (odd) cycle, or if it is a product of 
exactly two (necessarily even) cycles, then the proof follows from the constructions 
given in lemmas 4,5, and 6. If, on the other hand, a is a product of more than two 
cycles, it follows that it can be written as a product of two disjoint even permutations 
Ci and c 2 , or else as the product where C\ acts non-trivially only on 1, • • • , t and c 2 acts 
non-trivially only on t + 1, • • • t + s where t + s — n+ 1. The inductive hypothesis and 
lemma 3 then combine to say that a is a product of two n + 1 cycles: the inductive 
hypothesis says that c\ is a product of two t-cycles pu and pi 2 and c 2 is a product of 
two s-cyles p 2 i and p 22 ; lemma 3 says that a is then a product of two s + t-cycles. 

One must still obtain explicit expressions for the pij in this latter case. The authors 
show that ci can always be written as a product of exaclty one or two cycles, from 
which the expressions for p n and p i2 follow directly from lemmas 4, 5, and 6. To 
obtain the expressions for p 21 and p 22 , one must recursively apply the argument of 
the proof to a' = c 2 ; clearly no more than n — 3 recursions will be required, since any 
3-cycle can be written as a product of no more than two cycles. What remains to be 
shown is that the entire process can be coded into an algorithm that can execute on 
the Turing machine described above in an efficient manner. 

As promnised above, we next present an explict implementation of the Cejtin-Rivin 
algorithm, using "pseudo-code" that can be translated both to the language of Turing 
machines as described above, and to modern computer programming languages such 
as C++. We will then assess the complexity of the algorithm to see how far it varies 
from the 0(n) bounds set by Cejtin and Rivin. It is clear from the discussion above 
that any reasonable implementation of the Cejtin-Rivin algorithm will fall in the 
complexity class P. 

3.3. Implementation of Cejtin-Rivin in pseudo-code 

We here present an explicit implementation of the Cejtin-Rivin algorithm described 
above. The algorithm is expressed in pseudo-code. It is difficult to define pseudo- 
code in mathematically precise terms. Here, we will define psuedo-code to be a set 
of human-readable instructions, such that they would provide, to a human trained in 
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the art of computer programming, all the information necessary to create a computer 
program, written in the computer language C++, to perform an algorithm such as 
that developed by Cejtin-Rivin, as described above. (More concretely, we can say 
that pseudo-code must have the property that every statement maps in an "obvious" 
way to a programming language such as C, C++, or Java). We assume in our psuedo- 
code that we are free to utilize the following types of programming operations, each 
of which has a direct implementation in terms of the Turing machine defined above, 
and also in a higher- level programming language such as C. 

3.3.1. Types of operations comprising psuedo-code to be used below. The types of op- 
erations to be used in the psuedo-code below are: 

Operation Type 1: read a string symbols from an input device. 

Operation Type 2: write a string of symbols to an output device. 

Operation Type 3: declare a program variable. Program variables are integers, or 
lists thereof. Lists of integers are said to be arrays and have the property that the 
integer in the i-th position of the array s (arranging the list horizontally, and counting 
left to right, starting with 0), may be written or read via the notation s(i). (Observe 
that we can represent a matrix as an array of arrays). 

Operation Type 4: assign a value to a variable. We may assign integral values to 
integers (using the notation i — n to assign the value n to integer i) , and lists of 
integral values to arrays of integers. In a Turing machine, a program variable may be 
represented by the reservation of a fixed amount of space beginning at a certain loca- 
tion on the storage tape. We assume that all program variables occupy appropriate 
storage to make assignment statements valid. 

Operation Type 5: perform a logical operation or algebraic operation, such as testing 
whether a program variable % is zero, or comparing two integers to see if they are 
equal, or adding one integer to another. The equality operation is denoted % == j; 
the "test for zero" operation will be denoted \i. 

Operation Type 6: iterate a series of instructions for some count. That is, we have 
access to iterative control structures such as "while condition A is true, do sequence 
of statements B" or "if condition A is true, then do sequence of statements B" or 
"for integer x — 0, while x < N, do sequence of statements B, then increment x by 
1". Where we have a sequence of instructions that are to be implemented as part 
of a control structure, we indent the instructions underneath the instruction defin- 
ing the control structure condidtion. Numbering each statement within an algorithm, 
we also assume the existence of the infamous "Go To (line number)" control operation. 

Operation Type 7: call a subalgorithm, or "function" . This allows us to organize the 
transistions of our Turing machine into functions, which are self-contained subalgo- 
rithms accepting input and producing output. Functions may invoke other functions. 
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Lists of variables of varying types (called "arguments") may be passed from the in- 
voking function to the function invoked, and lists of variables of varying types may 
also be passed from the invoked function back to the invoking function. 

We use "call F(argl,arg2,...,argN)" to denote the invocation of function F, passing 
input "argl,arg2,..,argN" . We use, within a function, "return(argl,arg2,...,argN)" to 
denote return to the invoking function, passing back "argl,arg2,...,argN". A function 
may invoke itself. 

All these operations are directly expressible in a wide variety of computer program- 
ming languages. We also allow comments to be interspersed with the psuedo-code; 
we place comment text between "/*" and " */" on the line preceding the psuedo-code 
line to which the comment applies. The comments are not regarded as part of the 
algorithm. 

3.4. An aside: complexity of the preceding constructs 

Lemma 3.4.1. The constructs 1 — 7 of the preceding section all execute on a classical, 
single-tape, deterministic Turing machine in an number of operations that is of order 
0(n 2 ), where n is the size (in tape cells) of the input to the operation. 

proof: All complexity bounds are given with respect to the single-tape, deterministic 
Turing machine described above. For all operations, we assume a fixed number of 
tape squares between the tape head at the beginning of the operation, and the nearest 
tape location at which data is to be read or written (i.e. we do not count any 
intervening "extraneous" tape data that we must navigate around due to our machine 
having just one tape). 

Operations of type 1 and 2 are 0(n) by construction, and definition 12. 1.21 

Operations of type 3 amount to reserving a certain blank portion of the storage 
tape of 12.1.21 and writing an initial value to that section of the tape. This operation 
is 0(n) because operation 2 is. Operations of type 4 involve overwriting a section of 
the storage tape reserved by an operation of type 3. Operations of type 5 amount 
to comparison of an integer to determine if all digits of the integer are ("test for 
zero"), or addition or subtraction of two integers, or to subtraction of two integers, 
after which the sign of the result is checked (comparison, equality testing). Note that 
subtraction may be performed in the same manner as addition, by first converting 
the subtrahend to its negative. By example 12.1.31 addition is an 0{n 2 ) operation; 
negatation of a binary number simply entails the inversion of all Os and Is, followed 
by the addition of the number 1 ("two's complement" representation of a number). 

Operations of type 6 involve the repeated invocation of a given sequence of tran- 
sition functions, where the number of invocations is controlled by a counter which is 
decremented or incremented after each invocation. The invocations are terminated 
when the counter reaches a set value. Since initialization of an integer, and the sub- 
traction or addition of two integers, are at most 0(n 2 ) operations, the act of iteration 
is 0{n 2 ) (without consideration of the thing iterated). Here n is the storage size of 
the counter in tape cells. 

Operations of type 7 amount to copying a series of symbols to a blank section of the 
storage tape, invoking a set sequence of transition functions which produce output 
on another section of the storage tape, and then reading the result of that output. 
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Hence function invocation is simply an operation of type 2, followed by a series of 
operations of type 1 (without regard to the complexity of the invoked function). 
Hence an operation of type 7 is of order 0(n). □ 

As explained in definition ( 12.2.21) . in what follows we will regard each operation of 
types 1 — 7 as constituting one clock tick. 
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3.5. Algorithm: Expression of an element of A n as a simple commutator of 
elements of S n 

We here present, using the constructs of the psuedo-code language described above, 
an implementation of the Cejtin-Rivin algorithm for the SCPP for S n |33j . 

PROBLEM: Express n e A n as a simple commutator. 

INPUT: A positive integer n, and an element a of the alternating subgroup A n of S n , 
expressed as a word w(a) in the standard generators r» of S n , where Tj is denoted by 
the integer j. 

OUTPUT: The element a expressed as a simple commutator of elements p\ and 
p2 of S n ; that is, an expression of a as P\PiP\ X P?} ■ The elements p\ and p 2 will each 
be expressed as words in the standard generators of S n ; with the integer i denoting 
the generator r,. Each word will be separated by a 0, and the the entire output will 
be terminated by 00. The output should be read left to right (and applied right to 
left). 

ALGORITHM: 

1. We have that the input w is of the form w = ixH^z - --ik where each ij is 
an integer between 1 and n — 1. 

2. Perform subalgorithm A, passing (w, n) as input. Let the output of A be 
denoted by M. Then M is an n x n matrix that is the standard representation of the 
permutation given by w. 

3. Perform subalgorithm B, passing (M,n) as input. Let the output of B be 
denoted by d. Then d is a sequence of integers representing the cyclic decomposition 
of the permutation represented by M. 

4. Perform subalgorithm C, passing (d, n) as input. Let the output of C be denoted 
by the pair (ci, c 2 ), where c\ and c 2 are both products of cycles, with each cycle being 
given by a sequence of integers. (For the exact format of c\ and C2, see the description 
of the output of subalgorithm B). 

5. We have that c\ and c 2 are each a product of cycles, expressed in the form 
i\%2 ■ ■ ■ ij-iijOij + i ■ ■ ■ ikO • • • Oil ■ ■ • i m 00. Let S denote the matrix output by subalgo- 
rithm E, invoked with input c\. Perform the same steps for c 2 to obtain a matrix T. 
Then S and T are both matrices representing permutations, each of which consists 
of a single n-cycle. 

6. Let C\ denote the sequence of integers obtained from the output of subalgorithm 
B, invoked with input S. Similarly define the sequence C2, obtained from B with 
input T. Then C\ is of the form iii 2 ■ ■ ■ i n and C 2 is of the form jij 2 ■ ■ ■ j n . 

7. Let C3 denote the reverse of the sequence of integers C\ (that is, C3 is the inverse 
of the n-cycle C\). Let r denote the output of subalgorithm D, invoked with the input 
(C 3 ,C 2 ). That is, r is a sequence of integers defining the cyclic decomposition of a 
permutation, which we also denote r, such that C 2 = rC 3 r _1 (see the output of 
subalgorithm B for the format of the integers comprising the cyclic decomposition). 
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8. Write to output the sequence of integers F(Ci)0F(r)0F(C 3 )0F(r) i? 00 where 
F(z) denotes the non-0 portion of output of subalgorithm F, invoked with input 
z, and F(z) R denotes the reverse of the word given by the non-0 portion of F(z). 
Terminate. 
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3.5.1. Subalgorithm A. Convert the sequence of transposions W to its matrix M as 
given by the standard matrix representation of S n defined in 13. 1 .51 

INPUT: a positive integer n, and sequence of transpositions W, expressed as a 
string of of integers, with the integer i denoting the transposition + 1). 

OUTPUT: the matrix M representing the permutation given by W. 

ALGORITHM: 

1. Let M be the n x n identity matrix of GL(n, M). 

2. For each integer i of the input w (reading right to left) 

3. Let C\ be the column of M having 1 in the i-th position 

4. Let C2 be the column of M having 1 in the (i + l)-th position 

5. swap columns C\ and C2 
5. return M. 
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3.5.2. Subalgorthim B . Obtain the cyclic decomposition of M. 

INPUT: a positive integer n, and a permutation of S n given by its matrix M 
under the standard representation. 

OUTPUT: a sequence of integers providing the cyclic decompostion of M. The 
end of each cycle in the decomposition is marked by 0. The last cycle in the decom- 
position is succeeded by 00. That is, the output will be of the form: 



■ ■ ■ ik^ik+lik+2 ■ ■ ■ ik+r^ik+r+l'ik+r+2 • • • • • • • • • i n -ii n 00 



including 1 -cycles, and where the cycles are disjoint. 
ALGORITHM: 

1. Let d be an array of 0s of length 2n. Let d(i) denote the i-th element of 
the array, with denoting the first element. Let integers col, start, i all be set to 1. 
Let integer x — 0. Let d(x) = i. 

2. Let x = x + 1. 

3. Let % be the position (counting from 1) in which the number 1 appears in the 
column given by col. 

4. If i == start 

5. Let d(x) = 0. Let start be the position j (counting from 1) of the first 
column of M such that j does not appear in d, or start = if no such column. 

6. If start == 

7. Let d(x) = d(x + 1) = 0. Return d. 

7. Else let col = start and d(x) = col. Go to 2. 
8. Else let d(x) = i. Let col = i. Go to 2. 
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3.5.3. Subalgorithm C. Express as a product of two n-cycles the even permutation 
given by the cyclic decomposition d. 

INPUT: the parameters (d,n), where d is the cyclic decomposition a permutation 
of S n . The expression d will be of the form: 

■ ■ ■ ikOik+iik+2 ■ ■ ■ ik+rOik+r+iik+r+2 • • • • • • • • • i n -ii n 0Q 

where the Os separate the individual cycles and the composition is terminated by 00 
(see the output of subalgorithm B). 

OUTPUT: two n-cycles ci, c 2 . Each n-cycle will be expressed as a product of (not 
necessarily disjoint) cycles, where each individual cycle has the form as described in 
the definition of the output of subalgoritm B. The n-cycles c\ and c 2 will be separated 
by the sequence "00". The string Ci00c 2 will be succeeded by 000. 

ALGORITHM: 

I. If d consists of exactly one cycle (counting 1-cycles) of length n, that is, 
if d is of the form i 2 , • • • i n ) where n is odd 

/* apply lemma 4 */ 

2. Let ci = c 2 = i\%2 -inOJ ih •••i n 

((n+l)/2)-l 

3. Return Ci00c 2 000 

4. Else if d consists of exactly two cycles of lengths 2m each, where n = 4m, 
that is, if d is of the form ii, i 3 , ■ ■ • , i^m-i, 0, i 2 , «4, • • • , 
/* apply lemma 5 */ 

5. Let ci = c 2 = i\i2hii • • -iim-iUm 

6. Return Ci00c 2 000. 

7. Else if d consists of exactly two cycles p\ and p 2 of lengths 2s and 2t respec- 
tively, with s < t, n = 2s + 2t, and p\ = ■ ■ ■ «4 S _i and 

p 2 = %2%A ■ ■ ■ i2s+2tHs+lUs+3 • ' ' ^2s+2t-l 

/* apply lemma 6 */ 

8. Let C\ = iii4s+iUs+2Us+3 • • • ^2s+2^2^3 • • • Us 

9. Let c 2 = ii«2*3 •••i n - 

10. Return ci00c 2 000. 

II. Else if d contains a cycle of odd order di, such that d\ = • ■ - ik 

/* peel off an odd cycle and apply lemma 4; re-invoke subalgorithm on re- 
mainder */ 

12. Let d 2 denote the product of the remaining cycles. Observe that d\ may 
be regarded as an even permutation on a set of k integers i 2 , • • • ik}, and d 2 
may be regarded as an even permutation on a disjoint set of n — k integers. Let 
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c n = c i2 = di® d\. (That is, we asign to c n and c 12 the output of C(d±, k).) 

((fc+l)/2)-l 

13. set (c2i,c 22 ) = the output of subalgorithm C, invoked with input 

(d2,n — k) . We have that C21C22 is a permutation acting on the set of integers 
{ji,j2,--- Jr}, where {jij 2 ,-- , jr} PKM2, • • • ,4} = 
and {ii,i 2 , • ••ikjij2, ,j r } = I 1 , 2 , •••,"}■ 

14. Let u denote the maximum of {ii, i 2 , ■ • ■ , ik] and v denote the maximum 

of {jiji, •••jr}- 

15. Let Ci = Cn0c2i0-Uf . Let C2 = i«;0ci20c 2 2 (re-arranging and/or removing 
0, 00, 000 delimiters as required). 

16. Return Ci00c 2 000. 

17. Else d consists of an even number of cycles of even order 
denoted di0d 2 • • • Oo^fcOO. 

/* peel off two even cycles and apply lemmas 5,6. re-invoke subalgorithm on 
the remainder. */ 

18. Let e\ = rfi0rf 2 00. Let e 2 denote the product of the remaining cycles. Ob- 
serve that ei may be regarded as a permutation on a set of integers {ii,i 2 , ■ ■ ■ ,i n '} 
for n' < n. We have that either e\ is of the form: 

e l = ' ' ' Hm'-l^^H ■ ■ ■ Urn' 

where Am' — n' , or else e 1 is of the form: 

ei = ili3 ■ ■ ■ Us'-l^U ■ ■ ■ i2s'+2t'Us'+lUs'+3 ■ ■ ■ ^2s'+2t'-l00 

with 2s' + 2t' = ri. 

19. Let (cn,ci 2 ) be the output of subalgorithm C, invoked with 

input (ei,n'). Observe that with this input, C will return without invoking itself 
again. 

20. Let (c 2 i,c 22 ) be the output of subalgorithm C, invoked with 

input (e 2 ,n — n'). Observe that e 2 may be regarded as a permutation acting on the set 
ofn-n' integers j 2 , ■ ■ ■ ,j n -n>}, such that {h,i 2 , ■ ■ ■ , i n >} f|0'i, 32, • • • ,jn-n'} = 
and {ii,i 2 , • • -i' n , ji, j 2 , • • • jn-n'} = {1,2, • • • ,n}. 

21. Let u denote the maximum of {ii, i 2 , ■ ■ ■ , v} and v denote the maximum 

Of {jl,j2, ■ • • Jn-n'}- 

22. Let c\ = Cu0c 2 i0uv. Let c 2 = -uw0ci20c22 (re-arranging and/ or removing 
0, 00, 000 delimiters as required). 

23. return Ci00c 2 000. 
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3.5.4. Subalgorithm D. Conjugator of two n-cycles ci, c 2 . 

INPUT: a positive integer n, and two n-cycles c\ and c 2 (which are necessarily 
conjugate) each expressed in cyclic decomposition form (see the output of subalgo- 
rithm B). 

OUTPUT: the cyclic decomposition (expressed as in the output of subalgorithm 
B) of a permutation r such that c 2 = tc\t~ x . 

ALGORITHM: 

1. Let d be an array of Os of length In. Let d{%) denote the i-th element of 
the array, (counting left to right from 0). Let q(j) denote the value of the j-th inte- 
ger of the cycle q (counting from left to right from 0). Let integers val, i be set to 0. 
Let integer start = ci(i). Let integer x — 0. Let d(x) = start. 

2. Let x = x + 1 

3. Let val = c 2 (i) 

4. If val == start 

5. Let d(x) = 0. Let start = Ci(i), where i is set to the position (counting 
left to right from 0) of the first integer of C\ such that ci(i) does not appear in d, or 
start = if no such column. 

6. If start == 

7. Let d(x) = d(x + 1) = 0. Return d. 
8. Else let start = c\{i) and d(x) = start. Go to 2. 
9. Else let d(x) = val. Set % equal to the position (counting left to right from 0) 
of the integer of c\ such that c\{i) == val. Go to 2. 
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3.5.5. Subalgorithm E. Convert a product of (not necessarily disjoint) cycles to its 
matrix M as given by the standard matrix representation of S n defined in 13.1.51 

INPUT: a positive integer n, and a product of (not necessarily disjoint) cycles 
S in the form of one member of the pair of permutations as output by subalgorithm 
C. 

OUTPUT: the matrix M representing the permutation given by S. 
ALGORITHM: 

1. Let M be the n x n identity matrix of GL(n,M). For each cycle C of S, 
reading right to left: 

2. Let % be the first integer of C (processing left to right). Let C p = C n be copies 
of column i of M. Let s = i. 

3. If the next integer j of C is not 

4. Let C n be a copy of column j of M. 

5. Let column j of M equal column C p . 

6. Let C p = C n . Let i be the next integer of C . Go to 3. 
7. Else if the next integer j of C following i is 

8. Let column s of M = C p . continue with next iteration of the For loop. 
9. Let T be an n x n matrix of 0s. For each integer k = 1 • • -n 10. Assign to 
column k of T the number of the column of M in which 1 appears in position k 11. 
Let M = T. 
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3.5.6. Subalgorithm F. Express the cyclic decomposition clasa word in the standard 
generators Tj of S n . 

INPUT: a positive integer n, and the (non-empty) cyclic decomposition d of a 
permutation of S n . The expression d will be of the form: 



■ ■ ■ ik^ik+lik+2 ■ ■ ■ ik+rO ■ ■ ■ ik+r+l^k+r+2 ' ' ' 2 n 00 



where the Os separate the individual cycles and the composition is terminated by 00 
(see the output of subalgorithm B). 

OUTPUT: a sequence of integers i\ ■ ■ -ij, terminated with a 0, where each ik cor- 
responds to the generator r ik of S n . The output should be applied right to left. 

ALGORITHM: 

1. Let integer i — 0. Counting from 0, and reading left to right, let d(k) de- 
note the k-th integer of the input d. Let w be an array of n 3 integers, all initialized 
to 0. Let the integer x — 0. We denote by w(x) the x-th entry of w, counting from 
0, and reading left to right. Let integer s = d(i). Let % — % + 1. Go to step 6. 

/* check to see if we are done with all cycles */ 

2. If d{i) == and d(i + 1) == 
3. Return. 

/* else check to see if we are done with current cycle */ 
4. Else if d(i) == 

/* we are. begin new cycle, s records our starting point */ 
5. Let s = d(i + 1). Let % = i + 2. 

/* examine the next integer in the cycle, record intoa transposition between 
that integer and our our starting point s, where the transposition is expressed as a 
sequence of adjacent transpositions. */ 

6. Let integer a — x. Let integer c = 0. Let integer / be the greater of s and 
d(i). Let integer t be the smaller of s and d(i). 

7. While t< f 

8. Let w(x) = t. Let x — x + 1. Let c = c + 1. Let t — t + 1. 
/* now, if we had more than one adjacent transposition, repeat all but the 
last, in inverse order, the goal: the swap (m,p), where (p > m), is replaced with 
(m,m + l)(m + l,m + 2) • • • (m + p — l,m + p)(m+p — 2,m+p — 1) ■ ■ ■ (m,m + 1) 
read right to left. */ 
9. If c> 1 

10. Let c = c - 1. While c> 0. 

11. Let w(x) = w(a + c — 1). Let c = c — 1. Let x — x + 1. 
12. Write w R to output, where w R denotes the reverse of w. Let i — i + 1. 
Clear w. Go to step 2. 



22 



3.6. Example of application of Cejtin-Rivin algorithm 

We provide an example of the preceding. Let a G SV be given by the word x 6 x 4 xix 2 . 
Algorithm A converts this word to a permutation matrix given by the ordered list 
3,1,2,5,4,7,6, where, counting left to right from 1, digit i indicates the position of 
the integer 1 in column i. Algorithm B converts this to the cyclic decomposition 
(123)(45)(67). We pass ((123) (45) (67), 7) to algorithm C. Algorithm C "peels off" 
the odd cycle (123), and invokes itself twice with inputs %\ = ((123), 3) and (for the 
remaining cycles) %2 = ((45)(67), 4). To input i\, the algorithm applies Cejtin-Rivin 
lemma 4 to obtain output en = cu = (123) (123). To input «2, the algorithm applies 
Cejtin-Rivin lemma 5 to obtain output c 2 i = c 2 2 = (4657). (In this example, no fur- 
ther recursion is required. In general, each invocation of algorithm C on the "remain- 
der" left after peeling off of one or two cycles, to which Cejtin-Rivin lemmas 4, 5, 6 can 
be directly applied, will lead to further invocations.) Algorithm C then applies Cejtin- 
Rivin lemma 3, with t = 3, s = 4, to obtain p\ = c\\c%\V = (123) (123) (4657) (37) 
and P2 = vc2\Ci2 = (37)(4657)(123)(123), so that a ~ PYP2- We apply algorithms 
E and then B to convert p\ and P2 to n-cycle form: pi ~ C\ — (1346572) and 
p 2 ~ C 2 = (1746532). We then apply algorithm D to (C^ 1 = (2756431), C 2 ) to obtain 
t = (12) (45) such that C 2 = tC^ 1 t~ x . We finally apply algorithm F to C 1: C 3) x, x" 1 
to obtain a word: 

[F(Ci),F(t)] = ^2X3X4X5X6X5X4X5X4X1, r 4 ri] ~ cr 

3.7. Complexity of the Cejtin-Rivin algorthm 

Here we analyze the complexity of the Cejtin-Rivin algorithm. 

Proposition 3.7.1 (complexity of implementation of Cejtin-Rivin). The implemen- 
tation of the Cejtin-Rivin algorithm given above for the SCPP for S n executes in time 
0(n 2 ), for input of fixed length k, and time O(k), for fixed n. (Recall that by time, 
we mean the total number executions of pseudo-code statements of types 1 — 7). 

The relation between k and n can perhaps be described as follows: though for any 
o G S n , and for any positive integer k, there exists an unreduced word representative w 
of cr such that length(w) > k, we also have that any element of S n may be represented 
by a word w' of length at most n(n — l)/2. 

proof: By 12.2.21 it suffices to show that, for fixed k, the number of invocations of 
statements of types 1 — 7 grows as 0(n 2 ), and that for fixed n, the number of invo- 
cations of statements of types 1 — 7 grows as O(k). 

Now, by inspection, the main algorithm requires a fixed finite number of operations 
of types 1 — 4 and 7. It must read a string of k symbols, each in the interval [0, n — 1] , 
and pass these as a block to subalgorithm A. That requires 0{k) operations, and is 
not dependent on n. The output of subalgorithm A is a matrix representative of an 
element of S n , (in the standard representation), which we may implement as an array 
of integers of size n, where each element i of the array is an integer j recording the 
position j in which the 1 appears in column i. This array is passed to subalgorithm 
B, requiring 0(ri) operations. Subalgorithm B returns a string of integers bounded 
by n 2 (the string is a cyclic decomposition of the permutation given by the input, 
where each cycle has length at most n, and where there are at most n cycles). This 
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is passed to subalgorithm C, requiring 0{n 2 ) operations. Subalgorithm C returns 
a string of size 0(n) representing a product of two n-cycles C\ and c 2 . These are 
each passed to subalgorithm E, requiring 0(n) operations. Subalgorithm E returns 
strings of length 0(n), which are passed to subalgorithm B, requiring 0{n) oper- 
ations. Subalgorithm B returns n-element arrays C\ and C2 representing n-cycles. 
From this, C-f 1 is calculated, requiring 0{n) operations. Then Cf 1 and C2 are passed 
to subalgorithm D, requiring 0{n) operations. Subalgorithm D returns a string of 
length 0(n) representing a permutation r, which is then inverted, requiring 0(n) 
operations. Finally Ci, C-f \ r, and r _1 are passed to subalgorithm F, requiring 0(n) 
operations. The output of each call to subalgorithm F will be string of length 0(n 2 ), 
which is then written to output; this will require 0(n 2 ) operations. Hence the main 
algorithm requires a number of operations of types 1 — 7 that is at worst 0(n 2 ) and 
O(k) (not counting the number of operations required by each subalgorithm). Now 
we must verify that the same can be said of each subalgorithm (each of which is 
invoked a fixed number of times by the main algorithm). 

Subalgorithm A accepts an input w consisting of pairs of integers denoting trans- 
positions. For each operation w, it must interchange two n-digit strings of symols. 
Therefore; for a fixed n, it is linear in w. 

Subalgorithm B involves inspection of each cell of the n x n array that it accepts 
as input, coupled with the writing of a string of length bounded by In. Its execution 
time is therefore 0(n 2 ). 

Subalgorithm C will require a number of operations of types 1 — 5 that is linear 
in n, if the cyclic decomposition of the permutation it accepts as input consists of 
exactly one or two cycles. Otherwise, the subalgorithm invokes itself, after which it 
performs a number of operations of types 1 — 5 that is linear in n. Each invocation of 
C requires a number of operations that is linear in n. The number of self-invocations 
required grows linearly with n. Hence the subalgorithm is 0{n 2 ). It does not depend 
on k. 

Subalgorithm D must compare two n-digit strings that it accepts as input. It must 
separately perform n searches of a 3n + 1-digit array. It is therefore quadratic in n. 

Subalgorithm E is the inverse of subalgorithm B, and involves the reading of a 
string of length j that is a linear multiple of n, coupled with, for each symbol of j, 
the exchange of a fixed number of integers in a list of length n. It then scans the list 
n times to create a new list of length n, which is then copied to the original list. Its 
execution time is then 0(n 2 ). It does not depend on k. 

Subalgorithm F accepts an input bounded by Ln for some constant L. It requires 
n iterations of a sequence of operations of types 1 — 5, where number of steps in 
the sequence is also bounded by Dn for some constant D. Hence the algorithm is 
quadratic in n. 
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Since each subalgorithm is at worst linear in k and at worst quadratic in n, by the 
argument in the beginning of this proof, the algorithm itself is, too. Note that sub- 
algorithms B and D could be improved by representing the elements of the standard 
representation of S n , not by matrices, but by arrays of integers, such that array entry 
% contains the number j if the column % of the corresponding matrix contains a 1 in 
the j-th position. (It is less clear how to linearize subalgorithm C, as it must recurse 
0(n) times, invoking 0(n) operations for each recursion.) □ 
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3.8. Word reduction in S n 

We shall have need in what follows for a technique by which one can reduce an 
arbitray word w representing an element o G S n to a unique word p{a) that will we 
call the canonical representative of a. 

Definition 3.8.1 (ShortLex order). Let the alphabet S in definition 12.1.11 be pro- 
vided with a total order] that is, a reflexive, transitive, antisymmetric relation < such 
that for all a, b G X, either a < b or 6 < a. The we can define the ShortLex order < 
on £*, where for any two strings v,w G £*, we have t> < u> if an only if v is shorter 
than to, or else v and to are of the same length, and v (i) < w(i), where the v(i) and 
w(i), the z-th letters of v and w, are the first at which the two string differ (reading 
right to left and counting from one). The ShortLex order is a well-ordering; any 
subset of £* will have a unique smallest element given by the ShortLex order. [T3] 

Example 3.8.2. Let S n be the alphabet £„ = {1, 2, 3, • • • , n — 1}. Then we can impose 
the total order 1 < 2 < 3 < • • • < n - 1 on S n . Then for strings 13243, 13245 G E* 6 , 
we have that 13243 < 13245. 

Remark 3.8.3 (the group S n as a language). Associate to the symbol z G S n the 
generator Tj of 5 n . We can then regard the group S n as the group of equivalence 
classes of strings over E n , where two strings u and v are equivalent if and only if we 
can transform the string u to the string v by repeated application of the following 
identifications: 

(1) (z*z ~ e), ((z + 1) i (i + 1) ~ z* (z* + 1) z), ((z* + A;) z ~ z (z + A;){for fc > 1}). 

where e denotes the empty string. (That is, S n is the group having generators 
1, 2, • • • n— 1 and relations zz = e, (z' + l) z (z' + l) = z (z + 1) z, (z + fc) z = z (z + fc){for k > 

!})■ 

Definition 3.8.4 (reducible). Observe that the identifications (u ~ w) given in [1] are 
listed with the ShortLex smaller term on the right. We say that a string u G S* 
is reducible to a string t> G £*, denoted u ^* v, if by repeated application of the 
identifications ([T]) u can be transformed to v, and such that v < u in the ShortLex 
order. 

Given a set of rules S such as the above, but such that each pair of rules {u\ ~ 
vi), (u2 ~ V2) satisfy the following two properties (where e denotes the empy string): 

, , ifui = rs and u 2 = st with s, t,r G £*, ands 7^ e, 

then there exists weE* such that t>it — >* w and rt> 2 — >* w 



if u\ = rst and M2 = s with s, t, r G A* , and s^e 
^ ' then there exists w 6 E* such that ui — w and rw 2 t ^* w 

one can reduce any word w representing an element of S n to a canonical form r(w), 
such that for each o G 5* n , we have a unique representative r(w), obtainable from 
any word w representing o. This reduction is given by the following algorithm [13j, 
pp.116-126: 
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3.8.1. Reduction algorithm A for S n 

. PROBLEM: Reduction of w to its canonical form. 

INPUT: a word w6H* 

OUTPUT: A(w) 

ALGORITHM: 

1. Select the subset of rules Si C S such that for each rule, the left-hand side 
matches a substring of w. 

2. If Si = {0}, terminate. 

3. Let S 2 C Si be the set of rules in Si, such that for each rule, the first character 
of the matching substring of w is as far to the left of w as possible. 

4. Let S3 C S2 be the set of rules in S 2 have the smallest left-hand sides, in Short- 
Lex order. 

5. Let r G S3 be the rule having the shortest right-hand side, in ShortLex order. 

6. Apply rule r to the left-most possible substring of w. Go to step 1. 

Such a set of rules S constitute what is known as a complete set S of Knuth- 
Bendix rules. The relations given above for S n (CQ) are not a complete set of Knuth- 
Bendix rules. However, given a finitely presented group G having generators X = 
{xi, x 2 , ■ ■ ■ , x n } and relations R = {(wi, t>i), (u 2 , v 2 ), ■ ■ ■ (u m , v m )}, such that Ui > u, 
with respect to a ShortLex order, one can attempt to obtain a complete set of 
Knuth-Bendix rules as follows [13J, pp. 116-126. The procedure will always terminate 
for a finite group G [21J: 

1. start with the set of rules Sq = S given by the (ui,Vi). 

2. For each pair of rules ri, r 2 £ Si such that the left-hand sides overlap (are either 
of the form r\ = (uv, x) and r 2 = (vw, y) with v 7^ e, or r% = (v, x) and r 2 = (uvw, y): 

3. If no such overlap, terminate. 

4. Else perform the reduction process desribed above on the word uvw, once 
starting with rule r 1; to obtain a word t\, and once starting with r 2 , to obtain a word 
t 2 . 

5. If ti 7^ t 2 (say ti < t 2 ), add the rule (t 2 ,ti) to Si to obtain a new set Si+i. 

6. Go to 2. 



Remark 3.8.5 (complexity of the reduction process). In what follows, we assume the 
existence of efficient implementations of algorithms for word reduction in S n , (that 
is, polynomial time for fixed k and varying n, and also polynomial time for fixed n 
and varying k), that are functionally equivalent to the preceding (see for example the 
programs listed in [21J p. 8). 
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4. The Braid Groups B n 

In this section we present information about the braid groups B n , with a focus 
on braids as equivalence classes of words in the standard Artin generators and their 
relations. 

4.1. The braid groups B n : algebraic, geometric, and topological definitions 

Definition 4.1.1 (Braid Group: algebraic definition, [30J, p. 23). The braid group on 
n strands (denoted B n ) is given by the generators o\ • • • cr„_i subject to the relations 

OiOj = OjOi if | % — j | > 2, 1 < i, j • < n — 1 

Oi<Ji + i(Ji = a i+1 aia i+ i 1 < i < n — 2. 

Definition 4.1.2 (Braid Group: geometric definition, [30], p. 22). A braid on n 
strands may be regarded geometrically as the union of n arcs embedded in R 2 x [0, 1], 
such that the boundary is the set {1, 2, • • • , n) x {0} x {0, 1} G R 2 x [0, 1] and such that 
no arc has a critical point with respect to the boundary (see figure 1). Two braids are 
isotopic if they are related by an isotopy of R 2 x [0, 1] preserving the boundary and the 
vertical coordinate. Any geometric braid is obtained by attaching vertically a series of 
elementary braids, with each elementary braid given by an elementary braid diagram 
(which is the projection of the braid onto the x — z plane, w/the y-axis directed 
vertically outwards from the face of the page). Each elementary braid corresponds 
to a generator of the braid group (see figure 2). Isotopy introduces an equivalence 
relation on the set of braids, and the set of equivalency classes is a group, with action 
given by the attaching process just described. This group is in fact isomorphic to 
the group of equivalency classes of words in the af given in the preceding definition 
see Q28J). Finally, a pure braid is one for which each each strand i beginning at 
fa, 0) 6 I 2 x [0, 1] ends at (a*, 1) 6 K 2 x [0, 1]. 

Definition 4.1.3 (Braid Group, topological definition, [25], p. 8). A third definition 
of the braid group, equivalent to the preceding two, may be given as follows. Let Y n 
denote the set of all n-tuples (z\, • ■ ■ , z n ) of points in C such that Zi ^ Zj for i ^ j. 
Let X n = Y n /S n \ this is the configuration space of n (unordered) points in C. Select 
a base point p G X n . Then B n is the fundamental group 7Ti(X n ,p) of X n . 

Definition 4.1.4 (Braid word, word length, [25] , pp. 15-19). Let b be a braid repre- 
sented by a word w in the braid group generators o~i and their inverses. We will refer 
to such w as braid words. The number of a i . appearing in the word w is said to be 
the word length of w, denoted l(w). If it) is a word of miminal length representing b, 
then | b \= l{w) is said to be the length of b (observe that the braid relations preserve 
word length, so any word of minimal length representing b determines the length of 
b). 

For example, if b is the braid word o\O\0~2i then | b |= l(w) = 3. 

4.2. A homomorphism from B n to S n 

Remark 4.2.1 (projection of B n — > S n , [13], ch. 9). A braid b maps the set of points 
{1, 2, • • • , n} x {0} x {0} to the set of points {1, 2, • • • , n} x {0} x {1}. The map is 
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1 — 1, and the point {i} x {0} x {0} is taken to the point {b(i)} x {0} x {1}. Hence, 
a braid defines a permutation: 

(4) 1 2 H 

{ ' b{l) b{2) ■■■ b{n) 



In other words, letting r», for i — 1, • ■ • , n — 1, denote the standard generators of 
the symmetric group S n (where Tj denotes the permutation of the z-th and i + 1- 
th elements), one obtains a surjective group homomorphism p : B n — > S n given by 

4.3. Right greedy normal form 

The information in this section is taken from chapter 9 of [T3] . 

Definition 4.3.1 (permutation braids, [13], pp. 182-190). A positive braid is a braid 
consiting only of positive crossings (that is, crossings represented only by the <7j, and 
not by any c^ 1 ). A permutation braid is a positive braid in which no two strands 
cross twice. We denote the permutation braids of B n by D n . 

Remark 4.3.2 (isomorphism of D n and S n , [13], pp. 182-190). It is known that the 
permutation braids D n are in 1 — 1 correspondence with the elements of the symmetric 
group S n . The isomorphism is given by the restriction to D n of the map p : B n — > S n 
defined above. 

Remark 4.3.3 (permutations given by sets of labels exchanged under permutation, 
[T3] . pp. 182-190). Consider the action of an element a of S n on the set of integers 
{1,2, • ■ • , n}. Let let R a = {(i,j)\i < j and a(j) < cr(i)}. This set characterizes the 
permutation a. We can define a partial order relation > on S n by letting a > r if 
Ra ^ Rt (recall a partial order relation on a set S is a binary operation on S that is 
reflexive, antisymmetric, and transitive). 

Given two permutations a and r, and the order relation >, there is a unique maximal 
element a At such that a > a At and r > a At. The element is given by the recursive 
formula: 

(5) R aAT = {(i,k) G R a nRr\(i,j) G R aAr or (j, k) G R^Vjs.t.i <j< k}. 



(Observe that for starters, any pairs (i, i + 1) <E R a nR T will also appear in R aAT ). It 
turns out that there is also a unique minimal element o V r larger than both cr and 
r). 

Definition 4.3.4 (heads and tails). Let P n be the set of positive braids of B n . Let 
a, b, c G P. If ab = c, we say that a is a head of c and b is a iaz/ of c (one writes a -< c 
and c >- b). It turns out (see [13] p. 188) that for braids b, c G -D n , we have c ^ 6 iff 
P(c)>p(6). 

Remark 4.3.5 (facts about D n , [13J, pp. 186-187). There is a unique maximal element 
of D n - the element m G -D n such that R p ( m ) ^ Pp(z) V / G -D n . It is known as the "Gar- 
side element," denoted Q. It is given by Q = ((Ticr 2 • • • o"n-i)(o"iO"2 • • • Cn-2) • • • 
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which is a 180-degree twist of all strands. Here and in the remainder of this section, 
we apply braid words from right to left (treating the word as an operator on B n ), and 
draw them horizontally, moving right to left, with strand 1 on the top; for positive 
crossings, the z-th strand will pass over the % + 1-th. Hence the Garside element of D% 
is (0102)01 (see figure ??). We have the relations Qo~i = o~ n -iQ, and bQ 2 = Q 2 b for all 
b G B n . We choose for each element dk of D n a representative braid word Wk and call 
this the canonical representative of dk- For instance, for D 3 we may choose the rep- 
resentatives {e, <7i, o"2, 0102, 020"i, 010202}, where e denotes the braid word consisting 
of no letters. In what follows, we shall always choose canonical representatives corre- 
sponding to the canonical representatives of elements of S n as described in subsection 

m 

Definition 4.3.6 (right greedy normal form (r.g.n.f.), [T3] pp. 191-196). A braid word 
w is in right greedy normal form if it is written in the form: 

(6) W = W\W2 ■ ■ ■ w m fl p 



where each Wk is the canonical representative of an element of D n , such that if two 
strands that are adjacent at the boundary of Wk and Wk-i cross in Wk-i, then they 
cross in Wk, and where p may be positive or negative, and where none of the Wk = fi. 
The integer p in ([6]) is called the infimum of w, and the integer m is called the canon- 
ical length of w. In what follows, we denote the right greedy normal form of a braid 
word a by r.g.n.f .(a). It is known that a classical Turing machine exists to convert a 
braid word w to r.g.n.f '.(w) in time quadratic in the length of w. 

Remark 4.3.7 (Existence and Uniqueness of r.g.n.f. [13J, p. 195). There is a unique 
braid word in r.g.n.f. for each braid b G B n . 

Remark 4.3.8 (Method of writing a braid in right-greedy normal form [7]). Given a 
braid word w, having k letters crT" , we may transform it into r.g.n.f as follows: 

1. For each a^ 1 G w, multiply w on the right by Q 2 Q~ 2 . Call this new braid word w'. 

2. Using the commutivity of Q 2 , move a copy of Q 2 to the immediate left of each 
a^ 1 . This replaces each o~i with a positive word of the form £)(•), where (•) consists 
of | ft | — 1 letters. Call this braid word w". 

3. Using I4.3.5[ move all copies of Q G w" to the immediate left of the Q~ 2h term 
added in step 1. This yields a word of the form: 



(7) w'" = a Pl o- pi ■ ■ ■ o- pm Q r 

where r is positive or negative, and all the a Pj are positive twists. 

4. Next we want to express the subword p = a pi ■ ■ ■ a Pn as product of canonical 
representatives of D n . We proceed as follows. Scanning from right to left, we find 
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the largest substring s of letters of p, s = a p . ■ ■ -cr PmJ such that s represents a tail 
of the braid represented by p, and such that no two strands of s cross twice. Re- 
place the substring with its canonical representative Wk G D n . Repeat this procedure 
iteratively beginning with the remaining a Pl ■ ■ ■ <J Pi _ 1 letters, to obtain a braid word: 

(8) w {4) = w 1 w 2 ---w q n r 



5. We have that each Wk represents a braid that is a tail of the braid represented by 
the W\ ■ ■ -Wk-i- We want the to have the property that if two strands that are 
adjacent at the boundary of and Wk-i cross in w^-i, then they cross in w/.. It turns 
out that this is equivalent to saying (see [13] pp. 190-196) that each Wk is maximal tail 
for the word w\ ■ ■ - Wk- This means that Wk represents the maximal element of D n , 
such that the element is a tail of the braid given by w\ • • -W).. (That is, if Vj is any 
other element of D n that is a tail of w\ ■ ■ - Wk, then p(wk) > p{vj)). (We can define a 
"minimal head" of w\ ■ • ■ analogously) . 

We can obtain a word in such a form as follows. Consider the product ab of 
two canonical representatives a and b of elements of D n . Let b R denote the reversal 
of b, that is, if b — ■ • -a^, then b R = a^- • -a^. Let m(a,b) be the canonical 
representative of the element mapped by p to the element p(a) A (p(Q) p(b R )) of S n . 
It turns out (see [T3], p. 191, Prop. 9.2.1) that m(a,b) is the unique maximal tail of 
a, such that m(a, b)b G D n . 

So, we proceed as follows. We consider the product W1W2, let to = wi, let w q+ i = e, 
and let hi = tom(to, W2)~ 1 ■ That is, h\ is the minimal head of ^0^2- Let t\ = 
m(t ,W2)w2- Next we let h 2 = tim(t 1 ,w 3 )~ 1 . Then let t 2 = m(ti,w 3 )w 3 . In general 
we have 

(9) K = ti-imfc-i, w i+ i)~ l , U = m(ti^i,w i+1 )w i+1 
We obtain a sequence 

(10) tt> (5) = hlh 2 --' hq-itqQr 

where each hi satisfies the properties of 14.3.61 as does t q . 



Example 4.3.9 (computing r.g.n.f. for a simple commutator of elements of D 3 ). An 
example is in order. The elements of D 3 have represenatives as follows: 
e, a%, <t 2 , o"icr 2 , <7 2 <Ji, o\o 2 <J\- Under p, these elements map to permutations given by 
the following i?-sets: 



R p (en) - 


{(1,2)} 


Rpfa) = 


{(2,3)} 


Rp(a- 1 a- 2 ) — 


{((1,2), (1,3)} 


Rp(p?.cr\) — 


{((1,3), (2,3)} 


RpipL) = 


{(1,2), (1,3), (2, 3)} 
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The complimentary permutations p(Q)p(a) are given by: 

Rp(Q) P (cn) = {(1,3), (2,3)} 
R P (n)p(a 2 ) = {(I, 2 ), (1,3)} 

(12) Rp(Sl) P (cn<T2) = {(I, 2 )} 

R P (tt)p(cT2<Tl) = {(2,3)} 

Rp(Q)p(Q) = 

The reversals of each element are given by a R = <Ti, {<Ji<j 2 ) r = 0201, Q R = 

So, say we are given a braid word w = [01,02] = 010201 02~ ■ We apply steps 1 
and 2 to obtain: 

(13) w {2) = a^tfa^tt 2 ^ 1 ^ = a^^^X^^i)^" 4 - 

Now we move the O's to the right to obtain = aic^c^fi -1 . Working right to 
left, we then factor this as = (0102) (o^)^ -1 - Then we set to = (cria 2 ). Now 
^(ciC"2, 02) = pio'iO'z) A (p{VL) p(a R )) . This is the wedge of the sets {(1, 3), (2, 3)} and 
{(1,2), (1,3)}, which is 0, and this corresponds to the canonical representative e. So 
hi = (cri,cr 2 )e _1 = (01 02) and t± = eo<i = 0%. Then m(ti,w 3 ) = m(<T2,e) = 02 so 
/i 2 = tim(0 2 ,e) _1 = e and £ 2 = m(0 2 ,e)w 3 = a 2 So we have = hit 2 = (0102)02- 
(In this particular case, we were not able to pull any additional crossings to the right 
in step 5.) 

Remark 4.3.10 (right greedy normal form is in P). It is known ([13], [7]) that an 
algorithm exists to convert an arbitrary braid word to right greedy normal form in 
time quadratic in the length of the braid word. From this together with (14.3.71) . it 
follows that there is a polynomial time algorithm for solving the word problem in 
B n \ that is, there is a classical Turing machine that can compare two arbitrary braid 
words Wi, u>2, for fixed n, in time polynomial in the sum of the lengths of Wi and w 2 - 

Remark 4.3.11 (positive cancellation). Positive braids obey a right cancellation law: 
for positive braids a, a', b, we have that a'b = ab iff a = a'. A similar law holds for left 
cancellation. Note that in what follows, we will write, for braid words Wi,w 2 , that 
Wi = w 2 when w\ and w 2 are identical as braid words (that is, they consist of exactly 
the same sequence of erf, and W\ ~ w 2 when w\ and w 2 representative equivalent 
braids, but are not necessarily identical as braid words (that is, they are equivalent 
as braid words under the braid relations, but may have different "spellings". For 
example, we will write w± ~ w 2 if w = o\o 2 o\ and w 2 = o 2 o\o 2 . We will write 
w\ = w 2 if both are the strings CT10201. Given a braid word w, W will denote the 
corresponding braid. 
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5. The SCPP for B n : Extension of Cejtin-Rivin 

In this section we describe an extension of the Cejtin-Rivin algorithm to a subset 
of the permutation braids of B n . 

5.1. The simple commutator promise problem for B n 

Definition 5.1.1 (simple commutator promise problem). The simple commutator 
promise problem (SCPP) for the braid groups is defined as follows: Let w be a braid 
word representing a braid 7 G B n , such that 7 is of the form 7 = [a, b] := aba~~ 1 b~ 1 
for braids a and b. Find braid words x and y such that [x, y] represents the braid 7; 
that is, [x, y] ~ w. 

Definition 5.1.2 (related conjugacy problem). One active area of braid group re- 
search is the conjugacy problem: given two braid words w and w', can one determine 
whether a braid word x exists such that w ~ xw'x~ l l That is, do the two braid 
words represent conjugate braids? No polynomial time solution is currently known 
for this problem, though exponential time algorithms exist (see [7]). Related to this 
is the "search" version of the conjugacy problem: given braid words g and h that rep- 
resent conjugate braids, can one find a braid word x such that g ~ xhx~ lr ! As with 
the conjugacy problem itself, no known polynomial time algorithm for the conjugacy 
search problem (CSP) currently exists. 

Remark 5.1.3. Naturally, the simple commutator promise problem and the conjugacy 
search problems are related. One way to see this: say w is a braid word representing 
a simple commutator 7. Say one had a method of finding a braid word a such that 
w ~ [a, x] for some braid word x. Then to solve the SCPP, one would need to find a 
braid word x satisfying: 



(14) 



xa 1 x 1 ~ a w 



5.2. An extension of the Cejtin-Rivin algorithm to the SCPP for permu- 
tation braids 

We would like to extend the Cejtin-Rivin algorithm described above to solve the 
SCPP for braids that are simple commutators of permutations braids; that is, for all 
braids of the form [di, d 2 ] for d\ 1 d 2 G D. We will denote this set of braids by [D n , D n ], 
though we must remember that the set does not have the structure of a subgroup of 
B n , since the product of two elements of [D n , D n ] need not be in [D n , D n ]. 

Definition 5.2.1 (inverse of p : B„ — > S n ). As we saw above, we have that the set of 
permutation braids D n is in 1 — 1 correspondence with the elements of the group S nj 
with the correspondence given by the natural projective homomorphism p : B n — > S n , 
when restricted to D n . For a G S n , let p _1 (o") denote the unqiue element d G D n such 
that p(d) = a. 
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Now, let 6 be an element of the set [D n ,D n ]. Then 6 = [di,d 2 ] for di,d 2 G D n . 
Since b is a simple commutator, any expression of b as a word in the standard Artin 
generators of B n will contain an even number of generators, as the braid relations 
preserve word length. Hence p(6) G A n , the commutator subgroup of S n . (Indeed, 
by the same argument, for any element b of the commutator subgroup [B n ,B n ], we 
have that p(6) G A n .) Let CR(a) be the result of applying the Cejtin-Rivin algorithm 
described above to the permutation a G A n . So we have that CR(p{b)) = [ipi,^] 
for permutations ipi-,ip2 of S n . We would like to know: when is it the case that 
b = p~ 1 {jp2)] r ! We denote the subset of all such elements in [D n ,D n ] by K. 

Definition 5.2.2 (the set of braid words /C). For each a G A n C S n , let CR(a) be 
the simple commutator [^i(cr), ^(c)] that is the output of the Cejtin-Rivin algorithm 
applied to o . Let w a ^. be the canonical representative (as defined in 14.3.51) of the 
element p -1 (■?/>« (cr)) e D n . Let 

fC = {[W^ ua , W^ 2; a]\ O G A n C 5* n } 

Lemma 5.2.3 (surjectivity of p onto A n , when restricted to simple commutators 
of D n ). The restriction of p to the elements of [D n ,D n ] maps surjectively onto the 
alternating subgroup A n C S n . 

proof: Given cr G A n , we have that CR(cr) = [i[)i(a), ^(c)] for ^i(cr), ^(c) G S.^. 
This defines an element 

rf = p- 1 (^l((T))p- 1 (^ 2 ( ( T))p- 1 (^r 1 ( ( T))p- 1 (^- 1 ( r)) G [D n ,D n ] 

Then, since d G -B„ and p maps _B n homomorphically to S n , we have that 
p(d) = 

p(p-\M°)))p(p-\Mv)))p(p-\^\v)))p(p- l (^ 1 (°))) = 

^i(a)^ 2 (a)^ 1 1 (o-)ip 2 1 (a) = a, 
the next to last equality given by the 1 — 1-ness of p when restricted to D n . 

We may characterize as follows the set K: 

Proposition 5.2.4. The set K G [D n , D n ] is the set of braids having a braid word 
representative in K,. Given an efficient algorithm A(w) for writing any word repre- 
sentative w of a G S n in canonical form, there is an efficient algorithm to express 
any k G K as a simple commutator of elements of D n . The algorithm can accept any 
d G [D n , D n ], and will return if the element d K. 

proof: We first show that if k G K, then it has a braid word representative w G JC. 
If k G K, then by definition we have that CR(p(k)) = [ipi(p(k)), t/>2 (/?(&))] an d 
[p^ 1 (ipi(k)) , p _1 (-?/'2(^))] = k. Then w = \w^ 1)P nA, Wtfa, P (k)] G JC and w is a braid word 
representative of k. 

Now if w — [wi,W2] G /C, then it represents a braid k G K; precisely, the braid k 
given by [61,62] where 6j is the permutation braid canonically represented by u>j. 

Next, given an element d G [-D n , D n ], expressed as a braid word Wb in the standard 
Artin generators U of S n , we can compute its projection p(d), expressed as a word 
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in the standard generators 7* of S n , by replacing each ti or tj with 73. Denote the 
word so computed by u> s . Clearly there is an algorithm to perform this conversion, 
such that it will execute on a classical Turing machine, as given above, in time that 
is polynomial in the length / of Wb (it will consist of 0(1) invocations of operations of 
types 1—5). We can then pass w s to our implementation of the Cejtin-Rivin algorithm, 
which as we saw is 0(n 2 ) and 0(k) where k is the length of w s ; we have that k is 
bounded by the length of Wf,- Denote the output of CR(w s ) by CR(w s ) = [ipi,^]- 
The length of CR(w s ), by definition of our CR implementation, is bounded by a 
quadratic function of n. We can compute p _1 (^i) and p _1 (^2), expressed as canonical 
representatives, by first reducing each to its canonical representative A(ipi) (see 
13.8. ip . and then replacing each r, of A.(ipi) with £j. Hence, given an arbitrary braid 
word representative Wb representing an element of d G [D n ,D n ], we can compute 
the image w s = p(wb) G S n , then compute CR{w s ) = [ipi,ip2], and then compute 
[p^i^A^ipi), p~ 1 (A{ip2)] ) all in time polynomial in the length of Wb (for fixed n), and 
also in n (for fixed input length). 

Finally, we can compute r.g.n.f.(d) and r.g.n.f.([p~ 1 (A(ipi), p' 1 (A(ip 2 )]) ■ The op- 
eration r.g.n.f.Q, as noted above, is quadratic in the length of its input. If the right 
greedy normal forms of the two words are equal, then [w\, W2} expresses d as a simple 
commutator, and the output of our algorithm will be the word WiW 2 Wi 1 w 2 ~ 2 - If they 
are not equal, then d £ K, and the output of our algorithm will be 0. Hence our 
algorithm, as we have just shown, is polynomial time in the length of the braid word 
w, representing a braid b G B n given as input, and is also polynomial time in n. □. 



Example 5.2.5 (Example of computation of d as a simple commutator). The braid 
k = <J2(Ti(TiQ G K C B 3 projects under p to the permutation (123). This can be 
expressed, via Cejtin-Rivin, as [r 2 ri, T\T2T\\. This corresponds to k — [0201, $1]. 



Corollary 5.2.6. Let b G [B n , B n ] be a braid word representing a product of simple 
commutators. Given an efficient algorithm A(w) for writing any word representative 
w of o G S n in canonical form, there exists an efficient algorithm to express b as the 
product of a pure braid and a simple commutator of permutation braids. 



proof: Compute CR(p(b)), the output of which we denote [V'l,^]- Compute A(ipi) 
and A(ip2), and then replace each Ti of ipj (where Ti a generator of S n ), with ti (the 
corresponding generator of B n ). This gives an expression [wi,u;2] for d G [D n ,D n ], 
in a canonical form induced by A, by the surjectivity of p : [D n , D n ] — > A n C S n . 
Since the kernel of p is the subgroup of pure braids P C B n , we have that b = pd for 
some p G P, where p = b[di, d 2 ]~ 1 . By the preceding proposition and the conditions 
of our hypothesis, this expression for b can be computed in time polynomial in the 
length of b. Hence there is an efficient algorithm to express any element of the 
commutator subgroup of B n as the product of a pure braid and a simple commutator 
of permutation braids. □ 
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5.3. A probablistic algorithm for the SCPP for B n 

Now, given a braid word b representing an element of 7 G B n , such that we are 
guaranteed 7 is a simple commutator, we can write b in the form b = p[d 1 ,d 2 ] as 
above. We know there must be a sequence p[di, d 2 ] = Wq — > W\ — > ■ • ■ — > u> ra = [a, 6] 
where each u>j is obtained from by one subword substitution corresponding to a 
defining relation of the braid group. We know moreover that there is some minimal 
Nf, such that there is a sequence p[d±, d 2 ] — vq — > v± — > • • • — > i> n = [a, 6], having a 
subset of terms i>o = v k iy ffc 2 , • • • , Vk m = v n , where 1 < k\ < k 2 < • • • < k m < n, such 
that for all i: 



(1) k i+1 -ki<N b 

(2) Vi = hi[a,i,bi], where \h,j\ < \p t ], for h^a^bi G B. 

(3) \hi + l\ < \h\ 

(4) |^| < \p\ 

for hi, Oj, foj G -B, where || denotes word length. 



We accordingly define the i^-bounded version of the SCPP problem as follows: 
given b an arbitrary braid word representing a simple commutator, find such a se- 
quence, for Nf, = K, if one exists. We can define a probablistic algorithm for searching 
for such a sequence as follows: 

INPUT: A braid word b guaranteed to be a simple commutator. 
ALGORITHM: 

1. Randomly select integer M G Z + . Write the word b in the form 60 = p[di,d 2 ] 
in the manner described above. Let the output O be set to e (the empty word). 

2. For each i = 0, 1, • • -M: 

3. Randomly select N { G Z + s.t. if % > 0, then N { > N^. Randomly Let j = 0. 

4. While j < Nf 

5. Randomly select a subword of 6« that can be rewritten via a rule given by one 
of the braid relations, and apply the rule. 

6. If the result b i+ i is of the form [a, b], append the symbol — >■ followed by the 
word [a, b] followed by (iVj) to O. Terminate with success. 

7. Else if bi satisfies properties (2) — (4) above, append the symbol — > followed 
by the word b i+ i to O. set j = 0. 

8. Else j = j + 1. 

9. Terminate with failure. 
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6. Summary and questions for further research 

In this manuscript, we first discussed motivations for studying the commutator 
subgroups of various finite groups. We then defined the simple commutator promise 
problem (SCPP), and studied the problem for the case of the symmetric group S n , 
applying the work of Cejtin and Rivin. We then extended the algorithm to a small but 
noteable subset of elements of the braid group B n \ namely, to a subset K of the set 
of simple commutators of permutation braids, such that K is in 1 — 1 correspondence 
with the simple commutators of S n . We found that any element of the commutator 
subgroup of B n can be expressed efficiently as the product of an element of K and a 
pure braid. 

We here pose a few questions for further research: 

1. Can the Cejtin- Rivin algorithm be extended to a larger subset of braids than the 
set K defined above (I5.2.2P ? What are the necessary and sufficient conditions that 
the commutator subgroup [G, G] of a given group G must satisfy, in order for the 
simple commutator promise problem to be efficiently solveable for Gl 

2. Given an arbitrary braid word b that represents a simple commutator of braids, 
are there values of N b and M b such that the probabilistic algorithm of the preceeding 
section will terminate with a probability of success P, such that P > |, and such 
that (for fixed n) the algorithm will execute on a single-tape classical deterministic 
Turing machine in time polynomial in the length of the input b, and such that the 
algorithm will execute in time polynomial in n, for input of fixed length? 

3. The above discussion of complexity concerns worst-case scenarios, but there are 
other measures of complexity; see for example the description of average-case com- 
plexity in [23]. Can we use the a above results to find an algorithm that solves the 
SCDP for B n , with average-case complexity polynomial in both n and the length of 
the algorithm input, relative to a discrete probability measure /i on the set of braid 
words? What measure should be used? 

4. It is known that braid groups have a faithful linear representation [5] [8]. Can 
this representation be used to obtain a solution to the simple commutator promise 
problem for B n l 

5. There are alternatives to the classical Turing machine model of computing, in 
particular the quantum model, which replaces the transition functions of the Turing 
machine with unitary operations on a finite dimensional Hilbert space, as described 
in [2H]. It is known that braid groups can be used as a model for a method of com- 
putation that is equivalent in power to the quantum model [14|[15J[15J[I7][TS]. Can 
either of these models yield an efficient solution to the simple commutator promise 
problem for the braid groups? 



7. Figures 
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1 2 

figure 2: a braid diag: 



/\ 



i i+1 n 

m corresponding to (7, 



figure 3: a braid diagram corresponding to f2 G B 3 
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